Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/913FC5C6F46C11EF8A4ABC7E762E951A.roa
File: 913FC5C6F46C11EF8A4ABC7E762E951A.roa (raw, json)
Hash identifier: yfW6df9zYKSkuLl3RK6uMmEmlQDorxkvhZPpYGR2nAE=
Subject key identifier: 1B:1D:33:AC:77:FE:A3:8E:8B:D2:1E:FF:AC:66:70:27:C9:2D:E0:7B
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 013620
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/913FC5C6F46C11EF8A4ABC7E762E951A.roa
Signing time: Wed 26 Feb 2025 18:07:40 +0000
ROA not before: Wed 26 Feb 2025 18:07:36 +0000
ROA not after: Sat 19 Feb 2028 18:07:36 +0000
asID: 17561
IP address blocks: 156.233.116.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 79392 (0x13620)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 26 18:07:36 2025 GMT
Not After : Feb 19 18:07:36 2028 GMT
Subject: CN=67bf586c-72de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:c6:bc:85:71:70:77:9b:d8:0c:61:87:93:0a:
ba:00:2e:d0:97:4e:cc:33:8d:2d:70:c9:92:2a:a5:
f2:a8:b8:03:0d:57:0b:c6:c1:5c:e1:4a:01:8a:2a:
2b:04:2c:4a:4e:4d:57:a3:f4:c2:39:c5:44:a3:c3:
c1:b1:84:04:c0:c0:0b:e8:2d:31:09:5a:8d:41:f6:
95:26:b9:ec:28:c7:0e:04:3c:a8:19:4f:81:fd:03:
9b:d0:b7:63:66:c6:98:1e:14:4c:3c:04:98:e4:a1:
10:bd:4b:f3:d8:96:00:c7:db:a1:00:d1:c8:e5:7d:
fa:f9:37:6d:5a:d7:11:01:1c:ce:e2:ce:2a:f4:9a:
fa:99:c7:8f:66:53:b2:7a:2d:b9:0b:de:3b:8b:af:
05:52:17:6a:65:14:45:13:36:ff:60:c0:2f:0d:70:
fc:c1:8e:7b:f5:14:0b:4b:db:37:87:fa:7a:28:33:
70:77:59:46:26:26:7f:da:ce:8e:ae:46:cc:24:4a:
d8:0d:9e:3a:57:3d:ff:c6:f4:60:5a:ec:1f:ad:32:
58:bb:a1:40:d5:98:44:33:1e:58:06:a3:22:bb:55:
5e:87:4b:32:d9:8a:7f:33:80:46:51:cf:d9:fe:fc:
7f:d1:ff:5c:0f:cf:3c:c5:d6:46:a6:21:35:dd:73:
43:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:1D:33:AC:77:FE:A3:8E:8B:D2:1E:FF:AC:66:70:27:C9:2D:E0:7B
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/913FC5C6F46C11EF8A4ABC7E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.233.116.0/24
Signature Algorithm: sha256WithRSAEncryption
65:6a:69:6b:28:f5:72:88:2b:c1:4c:d5:db:6f:e0:e0:c1:d8:
e1:6f:c3:4d:2c:a2:35:b1:f8:26:32:44:ab:c1:7b:e2:52:05:
65:51:bb:c8:6c:52:7c:ca:d3:5d:94:0b:e2:dd:0e:9f:d8:b3:
d5:11:8e:09:61:57:31:5e:bb:70:7c:4e:25:ca:4a:78:bf:ca:
6a:bd:04:d8:e6:00:50:8f:c5:90:48:d6:56:d7:85:45:4e:33:
4d:7b:05:f0:cc:db:bc:94:64:49:13:0d:a2:09:13:ba:6a:67:
ff:14:40:61:40:fc:87:7c:16:b4:6a:95:38:0c:9d:f4:f0:54:
e1:66:b2:bd:5f:6a:6a:9f:fd:47:29:76:a2:a2:81:97:c4:10:
5f:20:eb:eb:fa:1e:7d:67:e8:19:17:70:54:10:9c:c9:f0:16:
a2:a8:e1:84:31:35:5c:96:10:ae:23:ca:1c:f7:12:34:4b:66:
e6:ab:cb:ed:c8:61:f4:5c:09:b3:03:e3:c3:e4:97:96:e3:62:
71:0e:cd:26:bd:e9:47:71:95:b1:2b:f0:98:c2:d3:fd:87:f6:
ee:b0:d0:2d:ed:5a:3f:d7:6e:ad:44:6a:c5:93:b2:de:7d:87:
da:c3:53:f5:bd:63:6a:47:e0:5a:b0:69:ac:36:c5:5b:a2:25:
52:ff:30:79
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDATYgMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjI2MTgwNzM2WhcNMjgwMjE5MTgwNzM2WjAYMRYw
FAYDVQQDEw02N2JmNTg2Yy03MmRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuMa8hXFwd5vYDGGHkwq6AC7Ql07MM40tcMmSKqXyqLgDDVcLxsFc4UoB
iiorBCxKTk1Xo/TCOcVEo8PBsYQEwMAL6C0xCVqNQfaVJrnsKMcOBDyoGU+B/QOb
0LdjZsaYHhRMPASY5KEQvUvz2JYAx9uhANHI5X36+TdtWtcRARzO4s4q9Jr6mceP
ZlOyei25C947i68FUhdqZRRFEzb/YMAvDXD8wY579RQLS9s3h/p6KDNwd1lGJiZ/
2s6OrkbMJErYDZ46Vz3/xvRgWuwfrTJYu6FA1ZhEMx5YBqMiu1Veh0sy2Yp/M4BG
Uc/Z/vx/0f9cD888xdZGpiE13XNDLwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFBsd
M6x3/qOOi9Ie/6xmcCfJLeB7MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC85MTNGQzVDNkY0NkMxMUVGOEE0QUJDN0U3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOl0MA0GCSqGSIb3DQEBCwUA
A4IBAQBlamlrKPVyiCvBTNXbb+Dgwdjhb8NNLKI1sfgmMkSrwXviUgVlUbvIbFJ8
ytNdlAvi3Q6f2LPVEY4JYVcxXrtwfE4lykp4v8pqvQTY5gBQj8WQSNZW14VFTjNN
ewXwzNu8lGRJEw2iCRO6amf/FEBhQPyHfBa0apU4DJ308FThZrK9X2pqn/1HKXai
ooGXxBBfIOvr+h59Z+gZF3BUEJzJ8BaiqOGEMTVclhCuI8oc9xI0S2bmq8vtyGH0
XAmzA+PD5JeW42JxDs0mvelHcZWxK/CYwtP9h/busNAt7Vo/126tRGrFk7LefYfa
w1P1vWNqR+BasGmsNsVboiVS/zB5
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:16:56 2025 by rpki-client